Menu
Main objective: How can I get an access token with unlimited validity for a facebook app?
Background information
We have a FB app called MyApp with the following set up:
Our goal is to extract the Insights data automatically, e.g. once every night.
Attempt with oauth generated app token
Get APP_ACCESS_TOKEN belonging to MyAPP
graph.facebook.com/oauth/access_token?client_id=YOUR_APP_ID&client_secret=YOUR_APP_SECRET&grant_type=client_credentials
example of retireved token: 328467452729456598|Wn2Gt69Ofg5ySdOGa3TsP2p4R
Use APP_ACCESS_TOKEN to get PAGE_ACCESS_TOKEN for each page graph.facebook.com/me/accounts?access_token=APP_ACCESS_TOKEN
Use PAGE_ACCESS_TOKEN to get the page’s Insights data: graph.facebook.com/YOUR_APP_ID/insights?access_token=PAGE_ACCESS_TOKEN
My problem is that the APP_ACCESS_TOKEN I get from step 1 seems to be missing the user part of the token, resulting in the following error when running step 2:
"message": "An active access token must be used to query information about the current user.",
"type": "OAuthException",
"code": 2500
Attempt with token retrieved from Graph Explorer API token
If I use the APP_ACCESS_TOKEN gained through the Graph API Explorer (https://developers.facebook.com/tools/explorer), I get a token with the user part that is significantly longer. If I use this token in step 2 and 3, I get correct data, but all tokens are only valid for 2 hours, and subsequently I cannot use this for automated retrieval of insights data.
Attempt with exchanging short lived token for long lived token
Following the steps outlined in this guide: https://developers.facebook.com/roadmap/offline-access-removal/#page_access_token, I tried to exchange a short lived token for a longer lived one.
If I use try to exchange the token obtained from the oauth process, I get the error:
"message": "No user access token specified",
"type": "OAuthException",
"code": 1
If I use the token obtained manually from the Graph explorer in the exchange method, I can get the other steps to work as well, but for how long does this new token last? If the token expires after x days or after the some other event, I would still be faced with the issue of obtaining the initial token programatically (as opposed to manually every from the Graph Explorer).
So does anyone know how I can get a long-lived, automatically retrieved token to solve this?
Thanks!
589
At a high level, you obtain a long-lived token for the client by: Using a valid, long-lived access token, your server sends a request to get a code from Facebook. Facebook sends a code back to your server and you securely send this code to the client.
If you want to make sure your Facebook page access token never expires, click “Debug” button. If you can see “expires: never”, it means Facebook page access token will never expire.
When your app uses Facebook Login to authenticate someone, it receives a User access token. If your app uses one of the Facebook SDKs, this token lasts for about 60 days. However, the SDKs automatically refresh the token whenever the person uses your app, so the tokens expire 60 days after last use.
This shell script attempts to help generate access tokens:
https://github.com/dncohen/fb_token
196
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
